[dns-operations] More Aggressive prefetch for popular names

Paul Hoffman phoffman at proper.com
Wed Apr 10 14:27:55 UTC 2019

On 10 Apr 2019, at 0:42, Giovane Moura wrote:

>> So why would anyone want to prefetch popular names? You get a lot of 
>> hits
>> already while the TTL expires. Preventing that one cache miss does 
>> not get
>> you a lot of gain on aggregate. It appears that the benefit of 
>> prefetching
>> is concentrated among 'moderately popular domains'.
>> If a popular name with a low TTL has a slow / unreliable set of
>> authoritative servers, why paper over that? They can either raise 
>> their TTL
>> or fix their servers.
> +1
> Plus, let's not forget the consequences for auth servers if thousands 
> of
> resolvers start to do prefetching: if they were slow, imagine then 
> with
> prefetching from potentially thousands of clients for thousands of
> domains. It can and will probably make things *worse* for the auth 
> side.
> Modern resolvers already have two built in mechanism to deal with slow
> or unresponsive auth servers: server switching (looping thru the NS
> list) and retries (resending the queries).
> We have seen in a controlled experiment with 15,000 vantage points 
> what
> can happen when auth servers become unresponsive (like during a DDos):
> resolvers will multiply their normal query load by 8-9 times, in an
> attempt to resolve a domain. See Fig  9 in [1].
> In summary: prefetching may backfire big time. By creating 
> unnecessarily
> traffic, it may winding up increasing the latency for everybody.
> /giovane
> [1] https://www.isi.edu/~johnh/PAPERS/Moura18b.pdf

The flip side of this argument is that prefetching when a new request is 
expected within the next TTL helps the first users after the TTL 
expiration. For 30-second TTLs, this could easily be of value to more 
than one user, particularly if the authoritative response is slow.

Prefetching without a perceived need is indeed wasteful. However, if the 
name was served from the cache during the last 25% of the TTL, that's a 
good indication that it will be requested again after the TTL has 
expired. Using this non-aggressive pre-fetching "requested from the 
cache during the end of lifetime" rule seems useful to resolver users 
while only increasing the authoritative load in the less common cases.

--Paul Hoffman

More information about the dns-operations mailing list